Jump to:

10390 Posts in 2201 Topics by 1712 members

All other Modules

SilverStripe Forums » All other Modules » Newsletter Module, security concern unsubscription link

Discuss all other Modules here.

Moderators: martimiz, Howard, Sean, Ryan M., biapar, Willr, Ingo, swaiba, simon_w

Page: 1	Go to End
Author	Topic:	679 Views

TF-35Lightning

Community Member
137 Posts

Newsletter Module, security concern unsubscription link

16 May 2010 at 11:34pm

Hi all I have just got the Newsletter module running for the first time and have noticed that I can simply unsubscribe any email address that I desire (if I guess the correct email) via the link
http://localhost/silverstripe/silverstripe-v2.4.0/unsubscribe/index/myemail@gmail.com/1
(I put in the email address I guess)
etc.
I presume it is up to us to come up with some kind of unique identifier to check an id and an email address against each other to help secure the unsubscription, or is that built into it somewhere or?
There's not much point in having the Newsletter module if people can unsubscribe each other so easily etc.
Any help would be great

		679 Views
Page: 1	Go to Top

On to “The news!” - News via the ModelAdmin

Simon 'Sphere' Erkelens is a freelance developer, fulltime employee of We::Code in the Netherlands with a tertiary background in applied physics. Before that, Simon worked for Squal Media. He started using SilverStripe at the end of 2009. Simon has given multiple presentations on implementing...

Read on

Follow @SilverStripe

Quick links

Ask questions in our Forums

Learn all about our CMS

Download SilverStripe

Try SilverStripe yourself in our online demo

Get inspired. See our Community Showcase

Learn all about the SilverStripe Framework

See all the free support options we offer

Stay up to date with our SilverStripe Newsletter

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.

Privacy Policy